Risk Scores
CVSS v3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score
0.09%
25.8th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Schneider Electric | Legacy Modicon Premium CPUs (TSXP57*) | All, All |
| Schneider Electric | Modicon M580 CPU (part numbers BMEP* and BMEH*) | prior to V4.10, prior to V4.10 |
| schneider-electric | bmep58s_firmware | |
| Schneider Electric | Legacy Modicon Quantum (140CPU65*) | All, All |
| schneider-electric | bmeh58s_firmware | |
| Schneider Electric | Modicon M340 CPU (part numbers BMXP34*) | prior to SV3.51, prior to SV3.51 |
| schneider-electric | modicon_m340_firmware | 0, 0, 0 |
| schneider-electric | modicon_momentum_unity_m1e_processor_firmware | |
| Schneider Electric | Modicon M580 CPU Safety (part numbers BMEP58*S and BMEH58*S) | All , All |
| schneider-electric | tsxp57_firmware | |
| schneider-electric | modicon_m580_firmware | 0, 0, 0 |
| Schneider Electric | Modicon Momentum Unity M1E Processor (171CBU*) | All, All |
| schneider-electric | modicon_mc80_firmware | |
| Schneider Electric | Modicon MC80 (BMKC80) | All, All |
Timeline
- Apr 11, 2023 CVE Published
- Apr 19, 2023 EPSS Score
- May 26, 2023 EPSS Score
- Jul 2, 2023 EPSS Score
- Aug 8, 2023 EPSS Score
- Sep 14, 2023 EPSS Score
- Oct 20, 2023 EPSS Score
- Nov 26, 2023 EPSS Score
- Jan 2, 2024 EPSS Score
- Feb 8, 2024 EPSS Score
- Mar 16, 2024 EPSS Score
- Apr 22, 2024 EPSS Score
References
- https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-101-05&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2023-101-05.pdf url
- https://download.schneider-electric.com/files?p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2022-011-06_CODESYSV3_Runtime_Development_System_and_Gateway_Security_Notification.pdf advisory
- https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-101-06&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2023-101-06.pdf advisory
- https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-101-04&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2023-101-04.pdf advisory
- https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-101-02&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2023-101-02.pdf advisory
- https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-101-03&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2023-101-03.pdf advisory
- https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-101-01&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2023-101-01.pdf advisory
- https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-010-05&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2023-010-05_Modicon_Controllers_Security_Notification.pdf advisory
- https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-313-05&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2021-313-05_BadAlloc_Vulnerabilities_Security_Notification.pdf advisory
- https://nvd.nist.gov/vuln/detail/CVE-2023-25619 advisory
- https://https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-101-05&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2023-101-05.pdf url